09-06-2008 04:40 AM - edited 03-10-2019 04:04 PM
I would like to configure 2 groups of users on my 4500s using local authentication .The first group would have access only to the show commands and at the test tdr commands.The other user group would have unlimited access.Is it possible to do it through local authentication or i have to use a RADIUS or TACACS+ server?Keep in mind that the users will access the switches through telnet
Solved! Go to Solution.
09-06-2008 06:02 AM
If you go for Local use local authentication /authorization then you need to do it on per user basis and not on group basis. Locally we don't have any group. See this link
http://www.cisco.com/en/US/tech/tk59/technologies_tech_note09186a00800949d5.shtml
Best way to manage this set up is via radius or tacacs and set up command authorization using tacacs.
Regards,
~JG
Do rate helpful posts
09-06-2008 06:02 AM
If you go for Local use local authentication /authorization then you need to do it on per user basis and not on group basis. Locally we don't have any group. See this link
http://www.cisco.com/en/US/tech/tk59/technologies_tech_note09186a00800949d5.shtml
Best way to manage this set up is via radius or tacacs and set up command authorization using tacacs.
Regards,
~JG
Do rate helpful posts
09-10-2008 12:40 AM
Further to that i would like to log the configuration changes on the switches.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide